File permissions when ftp

[Jay Paulson]

>>> This is an sftp issue, but you said you were using ftp - not the 
>>> same thing. Do both users use sftp, or does one use regular ftp?
>>>
>> Oops sorry I was assuming sftp since (correct me if I'm wrong) FC3 
>> only comes with sftp.  But yes both users were using sftp in all 
>> applications.
>
> sftp clients will often set the permissions of the uploaded file to 
> the same permissions as the original file on the source computer. 
> Regular ftp clients don't usually do this. You may be able to work 
> around the problem at the client end. If all else fails, you could 
> always set up a cron job to periodically set the group write bit on 
> all files in that directory.
>

As of now on our production box the network admin has FC3 set up.  If 
anyone wants to download a file we have to ssh in chown the file to the 
owner being the person who wants to work on it.  Then download the file 
and change the owner back.  There has to be a secure way around this so 
that people in the same group do not have to ssh into the box and 
change the permissions of the file every time they want to work on the 
file and still have Apache act normal not giving the 403 error.

>>> Do you have SELinux enabled?
>> Yes it is enabled.  I've done the ls -aZ command and everything looks 
>> right.  The only thing I have done to the directory is chgrp to my 
>> web group 'www', chmod it to 2775, and chown it to root.www.  I'm not 
>> quite sure why Apache is complaining.  The other directories I have 
>> set up with the <VirtuaHost> config don't complain (granted I haven't 
>> chgrp, chmod, or chown'ed them yet).
>
> Look in /var/log/messages to see if there are any selinux errors 
> relating to that directory when you try to access it.
>

Looked and there aren't any error messages.  Apache is running with 
httpd_t and all the directories and files are httpd_t as well.

jay